Total
8775 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-6325 | 1 Vmware | 1 Vcenter Server Appliance | 2024-09-17 | N/A |
| VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors. | ||||
| CVE-2019-4444 | 1 Ibm | 1 Api Connect | 2024-09-17 | 5.5 Medium |
| IBM API Connect 2018.1 through 2018.4.1.7 Developer Portal's user registration page does not disable password autocomplete. An attacker with access to the browser instance and local system credentials can steal the credentials used for registration. IBM X-Force ID: 163453. | ||||
| CVE-2014-2873 | 1 Paperthin | 1 Commonspot Content Server | 2024-09-17 | N/A |
| PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not require authentication for access to log files, which allows remote attackers to obtain sensitive server information by using a predictable name in a request for a file. | ||||
| CVE-2010-3284 | 1 Hp | 1 System Management Homepage | 2024-09-17 | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to obtain sensitive information via unknown vectors. | ||||
| CVE-2017-15851 | 1 Google | 1 Android | 2024-09-17 | N/A |
| Lack of copy_from_user and information leak in function "msm_ois_subdev_do_ioctl, file msm_ois.c can lead to a camera crash in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel | ||||
| CVE-2018-1999040 | 1 Jenkins | 1 Kubernetes | 2024-09-17 | N/A |
| An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and earlier in KubernetesCloud.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins. | ||||
| CVE-2014-10047 | 1 Qualcomm | 4 Sd 400, Sd 400 Firmware, Sd 800 and 1 more | 2024-09-17 | N/A |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, when writing the Full Disk Encryption key to crypto engine, information leak could occur. | ||||
| CVE-2017-1126 | 1 Ibm | 2 Integration Bus, Websphere Message Broker | 2024-09-17 | N/A |
| IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0) could allow an unauthorized user to obtain sensitive information about software versions that could lead to further attacks. IBM X-Force ID: 121341. | ||||
| CVE-2020-4361 | 1 Ibm | 1 Planning Analytics | 2024-09-17 | 4.3 Medium |
| IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information by disclosing private IP addresses in HTTP responses. IBM X-Force ID: 178766. | ||||
| CVE-2015-8602 | 1 Token Insert Entity Project | 1 Token Insert Entity | 2024-09-17 | N/A |
| The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote authenticated users with certain permissions to bypass intended access restrictions and possibly obtain sensitive information by inserting a token, which embeds a rendered entity in the main node. | ||||
| CVE-2021-38999 | 1 Ibm | 1 Mq Appliance | 2024-09-17 | 5.5 Medium |
| IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. | ||||
| CVE-2018-19643 | 1 Microfocus | 1 Solutions Business Manager | 2024-09-17 | N/A |
| Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | ||||
| CVE-2012-1645 | 2 Drupal, Wimleers | 2 Drupal, Cdn | 2024-09-17 | N/A |
| The CDN module 6.x-2.2 and 7.x-2.2 for Drupal, when running in Origin Pull mode with the "Far Future expiration" option enabled, allows remote attackers to read arbitrary PHP files via unspecified vectors, as demonstrated by reading settings.php. | ||||
| CVE-2018-1976 | 1 Ibm | 1 Api Connect | 2024-09-17 | N/A |
| IBM API Connect 5.0.0.0 through 5.0.8.4 is impacted by sensitive information disclosure via a REST API that could allow a user with administrative privileges to obtain highly sensitive information. IBM X-Force ID: 154031. | ||||
| CVE-2017-1409 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2024-09-17 | N/A |
| IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 127396. | ||||
| CVE-2017-13205 | 1 Google | 1 Android | 2024-09-17 | N/A |
| An information disclosure vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64550583. | ||||
| CVE-2014-9576 | 1 Vdgsecurity | 1 Vdg Sense | 2024-09-17 | N/A |
| VDG Security SENSE (formerly DIVA) 2.3.13 has a hardcoded password of (1) ArpaRomaWi for the root Postgres account and !DVService for the (2) postgres and (3) NTP Windows user accounts, which allows remote attackers to obtain access. | ||||
| CVE-2017-1752 | 1 Ibm | 1 Urbancode Deploy | 2024-09-17 | N/A |
| IBM UrbanCode Deploy 6.1 and 6.2 could allow an authenticated privileged user to obtain highly sensitive information. IBM X-Force ID: 135547. | ||||
| CVE-2017-5529 | 1 Tibco | 9 Jasperreports Library Community Edition, Jasperreports Library For Activematrix Bpm, Jasperreports Professional and 6 more | 2024-09-17 | N/A |
| JasperReports library components contain an information disclosure vulnerability. This vulnerability includes the theoretical disclosure of any accessible information from the host file system. Affects TIBCO JasperReports Library Community Edition (versions 6.4.0 and below), TIBCO JasperReports Library for ActiveMatrix BPM (versions 6.2.0 and below), TIBCO JasperReports Professional (versions 6.2.1 and below, and 6.3.0), TIBCO JasperReports Server (versions 6.1.1 and below, 6.2.0, 6.2.1, 6.3.0), TIBCO JasperReports Server Community Edition (versions 6.3.0 and below), TIBCO JasperReports Server for ActiveMatrix BPM (versions 6.2.0 and below), TIBCO Jaspersoft for AWS with Multi-Tenancy (versions 6.3.0 and below), TIBCO Jaspersoft Reporting and Analytics for AWS (versions 6.3.0 and below), and TIBCO Jaspersoft Studio for ActiveMatrix BPM (versions 6.2.0 and below). | ||||
| CVE-2017-0879 | 1 Google | 1 Android | 2024-09-17 | N/A |
| An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65025028. | ||||